Thanks Sander, It worked now I m not getting Session error
anymore but still Apache is not able to start and throwing the following
error:
ssl-error_log has the following error message
: [error] Unable to configure verify locations for client
authentication
Thanks,
Prakash
-----Original Message-----
From: Sander Temme [mailto:sctemme@xxxxxxxxxx]
Sent:
Tuesday, January 09, 2007 11:41 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:
Verisign signatures with Apache server
Nancy,
On Jan
9, 2007, at 8:20 AM, Booterbaugh, Nancy wrote:
> Error_Log has the
following warning message : Session Cache is
> not
configured [hint: SSLSessionCache]
> ssl-error_log has the following error
message : [error] Unable
> to configure verify
locations for client authentication
Hm... without the SSL session cache,
clients will not be able to re- use their SSL sessions. This can have a
serious performance impact on your server.
Please put in the main server
configuration the following directive:
SSLSessionCache
shm:/usr/local/apache2/logs/ssl_scache(512000)
SSLSessionCacheTimeout
300
See the following documentation URL for an explanation:
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslsessioncache
>
I use following command to start the Apache server instead of
>
"apachectl":
> ./httpd -k start -f
/usr/local/apache2/conf/httpd-cob-certs.conf
That is the command
apachectl executes, so you're fine there.
> Here is the Virtual host
configuration we have in the "httpd-cob-
> certs.conf" file. The only
difference between this and the one we were
> using for self-signed is the
directory location in the SSL parameters.
Looks like a fine configuration
to me, but do add the session cache
stuff.
S.
--
sctemme@xxxxxxxxxx
http://www.temme.net/sander/
PGP
FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529
24AF
|